public static class CreateZoneDetails.Builder extends Object
| Constructor and Description |
|---|
Builder() |
public CreateZoneDetails.Builder name(String name)
public CreateZoneDetails.Builder compartmentId(String compartmentId)
public CreateZoneDetails.Builder freeformTags(Map<String,String> freeformTags)
public CreateZoneDetails.Builder definedTags(Map<String,Map<String,Object>> definedTags)
public CreateZoneDetails.Builder zoneType(CreateZoneDetails.ZoneType zoneType)
The type of the zone. Must be either PRIMARY or SECONDARY. SECONDARY is only supported for GLOBAL zones.
zoneType - the value to setpublic CreateZoneDetails.Builder viewId(String viewId)
This value will be null for zones in the global DNS.
viewId - the value to setpublic CreateZoneDetails.Builder scope(Scope scope)
The scope of the zone.
scope - the value to setpublic CreateZoneDetails.Builder externalMasters(List<ExternalMaster> externalMasters)
External master servers for the zone. externalMasters becomes a required
parameter when the zoneType value is SECONDARY.
externalMasters - the value to setpublic CreateZoneDetails.Builder externalDownstreams(List<ExternalDownstream> externalDownstreams)
External secondary servers for the zone. This field is currently not supported when
zoneType is SECONDARY or scope is PRIVATE.
externalDownstreams - the value to setpublic CreateZoneDetails.Builder dnssecState(ZoneDnssecState dnssecState)
The state of DNSSEC on the zone.
For DNSSEC to function, every parent zone in the DNS tree up to the top-level domain
(or an independent trust anchor) must also have DNSSEC correctly set up. After enabling
DNSSEC, you must add a DS record to the zone's parent zone containing the KskDnssecKeyVersion data. You can find the DS data in the dsData attribute of
the KskDnssecKeyVersion. Then, use the PromoteZoneDnssecKeyVersion
operation to promote the KskDnssecKeyVersion.
New KskDnssecKeyVersions are generated annually, a week before the existing
KskDnssecKeyVersion's expiration. To rollover a KskDnssecKeyVersion, you
must replace the parent zone's DS record containing the old KskDnssecKeyVersion
data with the data from the new KskDnssecKeyVersion.
To remove the old DS record without causing service disruption, wait until the old DS
record's TTL has expired, and the new DS record has propagated. After the DS replacement
has been completed, then the PromoteZoneDnssecKeyVersion operation must be
called.
Metrics are emitted in the oci_dns namespace daily for each KskDnssecKeyVersion indicating how many days are left until expiration. We recommend
that you set up alarms and notifications for KskDnssecKeyVersion expiration so that the
necessary parent zone updates can be made and the PromoteZoneDnssecKeyVersion
operation can be called.
Enabling DNSSEC results in additional records in DNS responses which increases their size and can cause higher response latency.
For more information, see [DNSSEC](https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnssec.htm).
dnssecState - the value to setpublic CreateZoneDetails build()
public CreateZoneDetails.Builder copy(CreateZoneDetails model)
Copyright © 2016–2024. All rights reserved.